Hi everyone,
I am new to crowdsec and I have set up crowdsec using the Docker container from here in my home lab:
https://hub.docker.com/r/crowdsecurity/crowdsec
The container seems to running as root by default. Is it possible to run it with a non-root user? I tried it, and it worked quite well for the most part, but I get e.g. this error on every startup:
crowdsec | time="2024-09-18T21:08:17+02:00" level=error msg="unable to open GeoLite2-City.mmdb : open /var/lib/crowdsec/data/GeoLite2-City.mmdb: permission denied"
crowdsec | time="2024-09-18T21:08:17+02:00" level=warning msg="unable to initialize GeoIP: open /var/lib/crowdsec/data/GeoLite2-City.mmdb: permission denied"
I think the reason is that this directory and its files are only accessible by root user and root group:
f5fb83303192:/$ ls -la /staging/var/lib/crowdsec/data/
total 70504
drwxr-xr-x 3 root root 4096 Sep 12 11:39 .
drwxr-xr-x 1 root root 4096 Sep 12 11:39 ..
-rw------- 1 root root 8404553 Sep 12 11:39 GeoLite2-ASN.mmdb
-rw------- 1 root root 63771586 Sep 12 11:39 GeoLite2-City.mmdb
drwx------ 2 root root 4096 Sep 12 11:39 trace
This directoy is created here in the Dockerfile:
I can change manually the permissions in the running container which seems to work, and I guess, I could also patch the Dockerfile myself to adapt the permissions.
I am surprised I could not find any information online about running crowdsec as non-root user but maybe I had bad luck when searching. Is there an official way to do this? Or is it generally not advised to do so?
Thanks in advance for help!